Technology is Not a Substitute for Good Business Processes | Microbyte

Technology is Not a Substitute for Good Business Processes

robot touches human hand

With all the readily available news, it’s important that we never advocate spreading undue concerns or raising anxiety with no justification. But, given the unprecedented rise in hacking and phishing attempts globally in 2018, we feel compelled to draw as much attention as possible to good business practices.

Many of you will have received emails prompting you to click links, sign in here and send money, etc., and you are no doubt always vigilant. However, people will continue to get “caught out” and these risks will increase over the coming months/years.

As an IT company, from a technology perspective we are continuously improving our offerings, and doing what we can to keep our networks secure. Multi-factor Authentication and Identity Protection Services are just two examples which are available and we are of course actively encouraging uptake of these.

As important as the technology, however, are the processes which govern their use (or should). It’s vitally important we all work regularly on our own internal processes to control the flow of data within our businesses.

How can I spot these bad practices?

Some very specific examples where we have seen (what we would perceive as) a lack of validation and controls might be:

  • In-depth phone conversations (and email) with individuals imitating genuine employees, suppliers or customers
  • Large payments made to bank accounts without enough verification as to the destination
  • Attempts to change to details held on record pertaining to individuals working for a company
  • Very few checks in place prior to agreeing to change bank account details and sending funds elsewhere
  • No multiple signoffs for large BACS payments, either verbal or written

These are just some examples where we need to evaluate, with surgical precision, who is allowed to do what within our businesses, where our liabilities lie, and how we double and triple check absolutely anything which potentially has a big risk attached.

As an example of progress, banks are stepping up efforts to provide more secure platforms and verification which is evident all around us. However there will never be enough, and the battle against fraudsters will be eternal. The fact you can still send funds to anywhere, with nothing more than a few numbers, and not even a company name that matches speaks volumes.

The time will come when we will be unable to blame the systems for not protecting us, and more good old-fashioned checklists might just have to make a comeback.

 

 

 

 

 

 

Similar blogs

Why is IT support in Dubai so bad?

Why is IT Support in Dubai so bad?

With its impressive skyline, reputation for innovation and being at the forefront of tourism and international business, Dubai seems like the kind of place to have some of the best IT support in the world. Internationally connected and popular with businesses that are increasingly reliant on technology, the city is a tax-free, global expat dream….

Read More

Avatar photo

What is a Disaster Recovery Policy?

Recovering from a disaster requires proper planning. As the cliché goes, ‘Failing to plan is planning to fail’- a truism appropriate for incident responses in a business environment.  When critical business operations are under attack, having a disaster recovery policy is essential to establish the correct response. As a high-level strategic document, the policy informs…

Read More

Avatar photo

What is an IT Security Policy

What is an IT Security Policy

An IT security policy confirms the specific rules and correct procedures governing how employees and other parties may use the company’s IT resources. This type of policy details both what is expected and what actions are not allowed. Policies detail acceptable uses of IT technologies, controls limiting user access, accepted procedures, and the consequences for…

Read More

Avatar photo

A Guide to Responsible IT Asset Disposition

A Guide to Responsible IT Asset Disposition

IT asset acquisition requires careful consideration and post-purchase implementation. IT asset disposition (known as ITAD) involves the full lifecycle of an asset while owned by the business.   Every IT asset has a lifecycle. A home user might use a laptop for 4 – 5 years, but most companies expect a shorter lifespan. The equipment must…

Read More

Avatar photo

10 Important Questions to Ask Before Choosing a Managed Service Provider (MSP)

10 Important Questions to Ask Before Choosing a Managed Service Provider (MSP)

Having a reliable and efficient IT infrastructure is a huge asset to any business. Being able to rely on your technology and having professional support when you need it can set you ahead of the competition. As companies grow increasingly reliant on technology, Managed IT Service Providers (MSPs) offer an affordable, practical and efficient way…

Read More

Avatar photo

BAU IT Support

Business As Usual (BAU) IT Support

Business as usual (BAU) support represents regular work tasks within an IT department. They reflect tasks that key IT personnel perform to maintain technology systems with minimal potential disruption to business operations. BAU tasks may include routine tasks such as infrastructure management, network monitoring, software patching, hardware driver updates, and other responsibilities. Troubleshooting – working…

Read More

Avatar photo